This 3-day, instructor-led course provides you with the knowledge & skills to design a secure network infrastructure. Topics include assembling the design team, modeling threats, & analyzing security risks in order to meet business requirements for secur

Course Outline

This three-day course provides you with the knowledge and skills to design a secure network infrastructure. Topics include assembling the design team, modeling threats, and analyzing security risks in order to meet business requirements for securing computers in a networked environment. The course encourages decision-making skills through real-life scenarios that the target audience may encounter. You are given the task of collecting the information and sorting through the details to resolve the given security requirement.

Course Outline

Module 1: Introduction to Designing Security

A security design is a comprehensive plan that guides the implementation of security policies and procedures for an organization. A security design helps an organization to organize its assets to implement security in a consistent and effective manner.

This module describes the basic framework for designing network security and introduces key concepts used throughout the course. It also introduces a fictional organization which the labs in the course use as an ongoing case study.

Lessons

Introduction to Designing Security for Microsoft Networks

Contoso Pharmaceuticals: A Case Study

After completing this module, students will be able to:

Provide an overview of designing security for Microsoft networks.

Describe the components of the case study for this course.

Module 2: Creating a Plan for Network Security

Plans for network security include documented security policies and procedures. These policies and procedures, when implemented, help to secure networks against compromises. This module describes the importance of security policies and procedures in a security design, and explains how a security design team must include representation from various members of the organization. The module also introduces the Microsoft Solutions Framework (MSF) process model, which provides a comprehensive framework that can be used to create a security design.

Lessons

Introduction to Security Policies

Designing Security by Using a Framework

Creating a Security Design Team

Lab : Creating a Plan for Network Security

Exercise 1: Identifying Reasons Why Security Policies Fail

Exercise 2: Determining the Members of a Security Design Team

After completing this module, students will be able to:

Describe common elements of security policies and procedures.

Create a security design framework by using the MSF process model.

Create a security design team.

Module 3: Identifying Threats to Network Security

Without security measures and controls in place, your data may be subjected to an attack. Some attacks are passive, which means that information is monitored; others are active, which means that the information is altered with intent to corrupt or destroy the data or the network itself.

Your networks and data are vulnerable to any of these types of attacks if you do not have a security plan in place.

In this module, you will learn how to identify possible threats to a network and understand common motivations of attackers. The module introduces the STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege) threat model as an effective way to predict where threats may occur in an organization.

Lessons

Introduction to Security Threats

Predicting Threats to Security

Lab : Identifying Threats to Network Security

Exercise 1: Identifying and Categorizing Threats by Using a Threat Model

Exercise 2: Documenting Security Threats

After completing this module, students will be able to:

Explain common network vulnerabilities and how attackers can exploit them.

Predict threats to security by using a threat model.

Module 4: Analyzing Security Risks

Many organizations cannot react to new security threats before their business is affected. Managing the security of their infrastructures - and the business value that those infrastructures deliver - has become a primary concern for information technology (IT) departments.

The Microsoft approach to security risk management is proactive and can assist organizations of all sizes with their response to the requirements presented by these environmental and legal challenges. A formal security risk management process enables enterprises to operate in the most cost-efficient manner by adopting a known and acceptable level of business risk. It also gives organizations a consistent, clear path to organize and prioritize limited resources in order to manage risk.

In this module, you will learn how to determine what resources in your organization require protection and how to prioritize those resources based on their value. You will then develop a risk management plan, based on the MOF risk model, to identify and analyze risks proactively and to determine an appropriate level of protection for each resource.

Lessons

Introduction to Risk Management

Creating a Risk Management Plan

Lab : Analyzing Security Risks

Exercise 1: Applying Quantitative and Qualitative Risk Analysis

After completing this module, students will be able to:

Explain the purpose and operation of risk management.

Create a risk management plan.

Module 5: Designing Physical Security for Network Resources

Physical security refers to physical measures designed to safeguard personnel, property, and information. The term applies to architectural features such as location, layout, barriers, doors, locks and bolts, and lighting, but also includes measures such as access control systems, alarm systems, and CCTV systems.

In this module, you will determine threats and analyze physical risks to resources in an organization. You will then learn how to design security for facilities, computers, mobile devices, and hardware. You will also learn about implementing disaster recovery as a way to protect physical resources. This module focuses on physical access to resources and how to protect them. Other modules will focus on access to data and how to protect it.

Lessons

Creating a Plan for Physical Security

Creating a Design for Physical Security of Network Resources

Lab : Designing Physical Security for Network Resources

Exercise 1: Identifying Potential Physical Vulnerabilities

Exercise 2: Implementing Countermeasures

After completing this module, students will be able to:

Create a plan for physical security.

Create a design for physical security of network resources.

Module 6: Designing Security for Network Hosts

The Windows Server 2003, Windows XP Professional, and Windows Vista operating systems provide many features and capabilities that you can use to configure and maintain a secure network operating environment. In fact, there are security capabilities in nearly every area of Windows. Many of these security features and capabilities have been added or enhanced since the introduction of the Microsoft Windows 2000 Professional and Windows 2000 Server operating systems.

In this module, you will learn how to determine threats and analyze risks to network hosts in an organization. You will also learn how to design security for network hosts throughout their life cycles, from initial purchase to decommissioning.

Computer networks use accounts to grant users, applications, and network services access to the information on a network. Network services are server applications that are usually hosted on dedicated server computers.

If an attacker gains access to an account that has excessive privileges, or breaks the password that is associated with an account, the attacker can obtain authorized access to a network.

Windows services are executable programs that run in sessions outside the session that the user who is currently logged on is using. In this way, services run in the background, independent of any user session. Services can start automatically when the computer starts, and can also be paused and restarted. Services may not show a user interface, although they typically communicate with a user interface to control and administer the service. Because of this behavior, services are ideal for use on a server or whenever you require long-term functionality that does not interfere with other users who are working on the same computer. In addition to services that Microsoft has created, many third-party vendors design products to be deployed as services running continuously in the background. Antivirus services are an example of this type of product.

In this module, you will learn how to determine threats and analyze risks to accounts and services in an organization. You will also learn how to design security for accounts and services, including determining security requirements, creating policies, and designing strategies to manage security.

Lessons

Creating a Security Plan for Accounts

Creating a Security Plan for Services

Creating a Design for Security of Accounts and Services

Lab : Designing Security for Accounts and Services

Exercise 1: Identifying Potential Account Vulnerabilities

Exercise 2: Applying Countermeasures

After completing this module, students will be able to:

Create a security plan for accounts.

Create a security plan for services.

Create a design for security of accounts and services.

Module 8: Designing Security for Authentication

In this module, you will learn how to determine threats and analyze risks to authentication. You will learn how to design security for authenticating local users, remote users, and users who access your network across the Internet. You will also learn when to choose multifactor authentication for additional security.

Lessons

Creating a Security Plan for Authentication

Creating a Design for Security of Authentication

Lab : Designing Security for Authentication

Exercise 1: Identifying Potential Authentication Vulnerabilities

Exercise 2: Applying Countermeasures

After completing this module, students will be able to:

Create a security plan for authentication.

Create a design for security of authentication.

Module 9: Designing Security for Data

Business data is one of the most valuable resources in many organizations. If data were to be irreparably damaged, lost, or exposed to competitors, many organizations would be adversely affected and perhaps even driven out of business. For client hosts, protecting data can be particularly daunting because portable computers can be stolen from mobile users, and backing up data for mobile users is very difficult. Protecting data that is stored on servers is still a significant challenge, but for most organizations it is one that is achievable. For these reasons, many companies require their end users to store their critical data on servers managed by their information technology (IT) department. Data can be protected through the use of access control lists (ACLs) on files and folders, by using encryption, and by using an effective backup and restore strategy.

In this module, you will learn how to determine threats and analyze risks to data in an organization. You will learn how to design an access control model for files and folders in order to protect data that is stored on network servers. You will also learn about considerations for encrypting and managing data.

Lessons

Creating a Security Plan for Data

Creating a Design for Security of Data

Lab : Designing Security for Data

Exercise 1: Identifying Potential Data Vulnerabilities

Exercise 2: Designing Countermeasures

After completing this module, students will be able to:

Create a security plan for data.

Create a design for security of data.

Module 10: Designing Security for Data Transmission

In this module, you will learn how to determine threats and analyze risks to data transmission in an organization. You will also learn how to design security for various types of data transmission, including traffic on local area networks (LANs), wide area networks (WANs), Virtual Private Networks (VPNs), wireless networks, and the Internet.

Lessons

Creating a Security Plan for Data Transmission

Creating a Design for Security of Data Transmission

Lab : Designing Security for Data

Exercise 1: Identifying Potential Data Transmission Vulnerabilities

Exercise 2: Implementing Countermeasures

After completing this module, students will be able to:

Create a security plan for data transmission.

Create a design for security of data transmission.

Module 11: Designing Security for Network Perimeters

Properly configured firewalls and border routers are the cornerstone of perimeter security. However, all of these devices must be properly secured because the entire network is put at risk when any one of them is compromised. Organizations must therefore invest time and resources in securing not only the Virtual Private Network (VPN) servers and the remote access servers (RAS), but also the mobile computers that are used to connect to those servers. To do business on and through the Internet, organizations must make some of their business applications and data accessible through the Internet. Traditional packet-filtering firewalls block network ports and computer addresses, but ports must be opened for the business applications. This means that your organization requires firewalls or proxy servers that are application-aware and capable of filtering network traffic at the application layer.

In this module, you will learn how to determine threats and analyze risks to network perimeters. You will also learn how to design security for network perimeters, including perimeter networks (also known as DMZs, demilitarized zones, and screened subnets), and for computers that connect directly to the Internet.

Lessons

Creating a Security Plan for the Perimeter of a Network

Creating a Design for Security of Network Perimeters

Lab : Designing Security Network Perimeters

Exercise 1: Identifying Potential Perimeter Network Vulnerabilities

Exercise 2: Implementing Countermeasures

After completing this module, students will be able to:

Create a security plan for the perimeter of a network.

Create a design for security of network perimeters.

Module 12: Responding to Security Incidents

Network security for an organization is an exercise in prevention. A good security design that is properly implemented will prevent most of the most common attacks. However, it is very likely that an attacker will eventually penetrate the defenses that you design.

When an attack happens, the key to limiting damage is early detection and a rapid and orderly response. Auditing is an important tool to help you to detect network abnormalities that may indicate attacks. An incident response procedure is a series of steps that you design in advance to guide your organization during a security incident.

Lessons

Introduction to Auditing and Incident Response

Designing an Audit Policy

Designing and Incident Response Procedure

Lab : Responding to Security Incidents

Exercise 1: Identifying Potential Vulnerabilities

Exercise 2: Implementing an Incident Response Team

Exercise 3: Implementing an Incident Response Plan

After completing this module, students will be able to:

Describe auditing and incident response.

Design an audit policy.

Design an incident response procedure.

Module 13: Appendix A: Designing an Acceptable Use Policy

This appendix provides information about creating policies for acceptable use of network resources by users.

Lessons

Analyzing Risks That Users Introduce

Designing Security for Computer Use

Module 14: Appendix B: Designing Policies for Managing Networks

This appendix offers guidelines for ensuring that network administrators manage networks in a secure manner.

Certificates offered

Certificate of Completion

Cancellation Policy

Cancellations or postponements received more than ten business days prior to the first day of the course will be fully refunded less a $75 processing fee. The cost of the course is payable, in full, for any cancellations or postponements received within ten business days, or less, prior to the first day of the course.

Reviews

If you have taken a course through this vendor please
log into your account and leave feedback for this vendor.
You will be helping ensure our members get directed to
the best training facilities.

Here are some reviews of the training vendor.

The course content was excellent ... if there was things that weren't relevant you could skip and spend more time on things that you needed to learn.
Training provider was excellent as her skill level was superb and her communication skills were superb.

Reviewed byMylo S.2015

This course should have dual screens

Reviewed byLeighanne H.2015

I was not able to finish the whole entire course. When creating course training please make sure that it fits the allotted time (beginning to the end). We had two breaks and Instructor did not allow us to listen to the course. I had maybe another 10 mins to finish the whole course, but the Instructor said that it was 4:30pm and it is Ok and we can go home. It is not Ok not to be able to finish the course..

Reviewed byOlga R.2014

Mentored training actually worked quite well for me. The instructor is there in the room all the time, available if needed. A lot of material for one day, but I did manage to complete it without feeling too rushed.

Reviewed byGillian E.2014

It is not possible to complete a beginner's course in one day. There is a lot of information to absorb. It is wonderful that one can re-sit a session within a limited time.

Reviewed bySharon K.2013

To bottom line my feelings about the course:
Course -- helpful but this comment is made with reservations.
Instructor -- excellent !

Reviewed byNadine R.2013

The course material was far too heavy for the duration of the course. The material needs to be reduced so that students do not feel rushed or pressured with time, or the duration of the class needs to be extended.

Reviewed byMelissa L.2013

Overall, the course has been well handled by the Training Provider. But i would expect that, somehow, there is a time allotted in the afternoon for more visible and face to face interaction between the TP and the whole class. Others may be asking questions that may not have been thought of by other learners but may be helpful.

Reviewed byLeo D.2013

Very impressed and would highly recommend.

Reviewed byChristina M.2013

The trainer was excellent...easy to talk to and very helpful and informed.

Reviewed byArlene T.2013

This was a very good learning environment. I prefer having an instructor present in case I have questions but also be able to work at my own pace.

Reviewed bySusan H.2013

I could have used some more time to go through the exercises in the sharepoint database.

Reviewed byLina B.2013

re Instructor assessment. ques. are N/A as it was independant mentored study.
Flash based training module had 1 hiccup where ctrl-b key was captured by OS and I had to hunt for alt-b to complete the module. Class mentor was unaware of flaw. I felt that the design of the module would have prevented me from completing the section if I was unable to locate alternative keystroke.
Worthwhile day.

Reviewed byPatrick K.2012

Course is very good but not enough time to complete the exercises. Should be at least another 1.5 hours longer.

Reviewed byKen C.2012

Using the self-teaching method made for a more relaxed working environment. As the instructor's assistance was on a one-on-one basis I was not hesitate to ask questions.

Reviewed bySteve R.2012

Would prefer an instructor led (classroom) style of training over a computer based course.

Reviewed byJoanna C.2012

I would suggest that the course manual contain more visual material (e.g. screen shots) versus words. The course was very well. I did not think I would like the on line method of training but I did. I also liked the fact that I could work through my lunch to complete the course earlier. I had to catch the go train so it worked better for me.

Reviewed byAngela D.2012

Susan was an excellent instructor, and was very helpful with providing extra "tips" not covered within the course material.

Reviewed byGena C.2012

I only realized after completing 2 units thoroughly that there is not enough time allotted for a lot practicing. I would tell students in advance that getting through the videos and practicing later in your own time is recommended.

Reviewed byJennifer L.2012

Enjoyed the flexibility of the "Modern Classroom" style of learning where you can move at your own pace and focus on what you need most. You can even move to the next chapter if you need help and the instructor is busy. Definitely dress warmly as the classroom was really over air-conditioned!

Reviewed byLaura G.2012

I loved the Adobe InDesign course but as a new user I felt there was so much material to cover and I wanted to take my time getting familiar with the program and learning about everything. I think if the class had been 2 days instead of 1 it would have been perfect!

Reviewed byLaurel A.2012

Manual provided was totally different then computer training.
Expected more hands on training instead of just watching an instruction video.

Reviewed byKellie D.2012

Great

Reviewed bylarissa h.2012

The video - was not at all interactive - only concepts were presented. The manual completedly different from the video material. I have no objections to using different approaches but a course on any software must include interactive materials.

Reviewed byKatarina F.2012

The course was set up in a way which was easy to follow. However, I thought there was a lot of information to take in the day. The instructor was very helpful and very knowledgeable.

Reviewed byBonnie .2012

The training provider, Melanie, was exceptional. She was very knowledgeable and sat with me personally for hands on training.
I found the course to be long and difficult to complete in one day.

Reviewed byBonnie .2012

The amount of material was a little much (maybe an hour) to cover in the allotted time - but otherwise good.

Reviewed byLisa K.2011

The room was too cold for me. The Instructor was very helpful.

Reviewed byAgnes S.2011

A co worker of mine, did not receive the certificate of completing the course.
As well, I received a website to log to after the course for 30 days (The Online Support). Although the vendor ID number does not exisit. I have gone back to my contact at Last Minute Training, and haven't received any feedback from her. The course was good, the follow up, was the greatest service.

Reviewed byJennifer S.2011

Would like to have access to the on-line training materials for this course for a period of time after course completion

Reviewed bySandra B.2011

Hi - the server crashed during my session and I would like to reschedule. Can someone contact me to do this?

Reviewed byMaura A.2011

This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates or scheduling a private, in house course for your team.